Data centers provide services to customers accessible via the Internet. In the software world, the data centers act as service providers and the customers as service consumers. The service provider is not necessarily equivalent to the software provider. In many cases, a service provider and a software provider agree on certain conditions in which the service provider can offer the different software services to its customers. The services that the data centers provide may include hosting of applications and data.
The offered service is, in most cases, a composition of lower level services. Resources are dynamically allocated corresponding to the service specification and the customer requirements. A service level agreement (SLA) is a formally negotiated agreement between two parties. It is a contract that exists between customers and their service provider, or between service providers. It records the common understanding about services, priorities, responsibilities, guarantee, and such that is acceptable and deliverable by the parties involved—collectively, the level of service. Changing the resource allocation, the service composition, or the service usage may result in the customer or data center provider changing their perception of risk regarding their potential for service level agreements to be violated. These effects, combined with the high frequency of new service requests and the dynamics of the different services, make the management of data centers more and more difficult.
A data center's provisioning process incorporates many constraints, service characteristics, as well as the objectives of the data center provider and the objectives of the individual customers. One important aspect that needs to be better automated is protection, security and isolation of hosted application services.
In general, a customer's concerns regarding the protection of its hosted applications and data in a data center can be addressed in many ways. For example, some physical firewalls can be used to clearly disconnect dedicated servers running applications of different and maybe competing companies. As one can see, the different protection approaches correspond with different costs necessary to implement the specific protection mechanism. Thus, different customers at data centers will have different perceptions of the best trade-off solution between a high level of security and the related costs.
In order to establish a contract between the service provider and the customer in many business environments, the customers still need to sign paper-written contracts that clearly specify the provision of specific services and the corresponding behavior rules and costs for the service consumers. This becomes a bottleneck as the number of customer requests per time interval is constantly increasing. Thus, automatic mechanisms need to replace the manual negotiation and specification of the agreements. Additionally to the specification of SLAs, the negotiation between service providers and service consumers need to be automated. Again, driven by scientific applications, some approaches for negotiation protocols exist. However, these attempts again focus on the computational requirements for certain services and omit the customer's protection and security concerns.